package com.interceptor;

import com.alibaba.fastjson.JSONObject;
import com.crmeb.core.common.CommonResult;
import com.crmeb.core.exception.CrmebException;
import com.utils.RequestUtil;
import com.zbkj.crmeb.system.model.SystemAdmin;
import com.zbkj.crmeb.system.model.SystemRole;
import com.zbkj.crmeb.system.service.SystemAdminService;
import com.zbkj.crmeb.system.service.SystemRoleService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;

//操作拦截器1

public class OperationAuthInterceptor implements HandlerInterceptor {
    @Autowired
    private SystemRoleService systemRoleService;

    @Autowired
    private SystemAdminService systemAdminService;

    private static final Map<String,String> canAccessMap = new HashMap<>();

    static {
        canAccessMap.put("api/admin/getAdminInfoByToken","");
        canAccessMap.put("api/admin/mer/user/enableIntegral","");
        canAccessMap.put("api/admin/system/role/info","");
        canAccessMap.put("api/admin/category/list/tree","");
        canAccessMap.put("api/admin/system/config/getuniq","");
        canAccessMap.put("api/admin/store/product/tabs/headers","");
        canAccessMap.put("api/admin/store/brand/list","");
        canAccessMap.put("api/admin/store/supplier/getCloudSupplier","");
        canAccessMap.put("api/admin/store/zoneAndBanner/zone/list","");
        canAccessMap.put("api/admin/store/season/list","");
        canAccessMap.put("api/chant/channel-merchant/stockArea","");
        canAccessMap.put("api/admin/tools/exchange/list","");
        canAccessMap.put("api/admin/store/product/list","");
    }

    //程序处理之前需要处理的业务
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        response.setCharacterEncoding("UTF-8");
        String uri = RequestUtil.getUri(request);
        if(uri == null || uri.isEmpty()){
            response.getWriter().write(JSONObject.toJSONString(CommonResult.failed("当前操作无权限，请联系管理员！")));
            return false;
        }

        // 校验是否有当前操作权限
        //获取当前用户的所有权限
        SystemAdmin systemAdmin = systemAdminService.getInfo();
        if(null == systemAdmin){
            throw new CrmebException("当前操作无权限，请联系管理员！");
        }
        // 不是浏览者不拦截
        if (!Objects.equals(systemAdmin.getAccount(),"visitor")){
            return true;
        }
        if (!canAccessMap.containsKey(uri)){
//            throw new CrmebException("当前操作无权限，请联系管理员！");
            response.getWriter().write(JSONObject.toJSONString(CommonResult.failed("当前操作无权限，请联系管理员！")));
            return false;
        }
        return true;
    }

    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) {
    }

    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {

    }

}
